Microsoft turns over all Windows 7 and server source code to Russia’s new KGB

Here’s something in the news lately that is rather interesting. According to this blog on ZDNet, Microsoft is turning over all Windows 7 and server source code to Russia’s new KGB.

“Microsoft has always carefully protected the source code to its operating systems. In fact, a key distinction between the various Windows variants and open source OSs like Linux and BSD is that Linux and BSD are open source.”

“That’s why a little piece of news covered by ZDNet UK’s Tom Espiner is so astonishing.

According to Espiner, Microsoft has turned over all its source code for Windows 7, along with its source for Microsoft Windows Server 2008 R2, Microsoft Office 2010 and Microsoft SQL Server to Russia’s Federal’naya sluzhba bezopasnosti Rossiyskoy Federatsii. The FSB is present-day Russia’s successor to the infamous Soviet-era KGB.”

“From a security perspective, this is an astonishing act. The agency that took over from the KGB and which has been just recently proven to be conducting long-term spying operations against the United States now has access to Windows source code — while at the same time, most American IT operations don’t.

Not only does this give the Russians the opportunity to find gaps in Windows security — it gives them the opportunity to do so while most American companies and organizations don’t have the same opportunity to find the same gaps and plug them.”

“If Microsoft’s going to give source code to Russia, it should release it to the public. Open source certainly hasn’t harmed Linux’ success and doing so would at least put American IT operators on a level playing field with the Russian secret service.”

I haven’t seen Microsoft’s response to this so far and will let Microsoft explain what exactly is and isn’t shared but I do know that Microsoft has a Product Source Program for the benefit of governments, enterprises, OEMs, developers, faculty & students, system integrators, and Microsoft MVPs like me.

The MVP Source Licensing Program (MVPSLP) is a no-cost program that licenses Microsoft Windows source code to qualified Microsoft MVPs. The program gives MVPs the opportunity to differentiate themselves professionally as Windows platform experts through access to Windows source code. Similarly, there are free programs for enterprises and governments. The Government Security Program (GSP) provides national governments with information to help them evaluate the security of Microsoft products.

I don’t think we should panic over this because Microsoft is run by Americans who love this country. It’s hard for me to believe that they would pass on any information to the Russians, or to any other government for that matter, that could impact our security. Not to mention the fact that all export of such information is subject to the U.S. export approval and over 90% of Shared Source offerings are available for download by anyone. According to Microsoft:

“The Product Source Programs, licenses selected Microsoft product source code to qualifying customers, partners, and governments. Access to source is granted only to those who are eligible and who qualifying under the terms of each program.”

Again, I haven’t seen Microsoft’s response to this but I seriously doubt that Microsoft will release every single bit of Windows code to anyone outside Microsoft…..and definitely not to the new Russian KGB (called FSB). If Microsoft does, they would join the Open Source community and as far as I know Microsoft has no intention of doing that.